Vulnerabilities > Google > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-07-11 | CVE-2016-3813 | Information Exposure vulnerability in Google Android The Qualcomm USB driver in Android before 2016-07-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28172322 and Qualcomm internal bug CR1010222. | 5.5 |
2016-07-11 | CVE-2016-3812 | Information Exposure vulnerability in Google Android The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832. | 5.5 |
2016-07-11 | CVE-2016-3810 | Information Exposure vulnerability in Google Android The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28175522 and MediaTek internal bug ALPS02694389. | 5.5 |
2016-07-11 | CVE-2016-3809 | Information Exposure vulnerability in Google Android The networking component in Android before 2016-07-05 on Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 27532522. | 5.5 |
2016-07-11 | CVE-2016-3764 | Improper Input Validation vulnerability in Google Android media/libmediaplayerservice/MetadataRetrieverClient.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to obtain sensitive pointer information via a crafted application, aka internal bug 28377502. | 4.0 |
2016-07-11 | CVE-2016-3761 | Information Exposure vulnerability in Google Android NfcService.java in NFC in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to obtain sensitive foreground-application information via a crafted background application, aka internal bug 28300969. | 4.0 |
2016-07-11 | CVE-2015-8893 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to cause a denial of service (OS outage or buffer over-read) via a crafted application, aka Android internal bug 28822690 and Qualcomm internal bug CR822275. | 5.5 |
2016-07-11 | CVE-2014-9798 | Improper Access Control vulnerability in Google Android platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service (OS outage) via a crafted application, aka Android internal bug 28821448 and Qualcomm internal bug CR681965. | 5.5 |
2016-06-16 | CVE-2012-6702 | Cryptographic Issues vulnerability in multiple products Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. | 5.9 |
2016-06-13 | CVE-2016-2500 | Information Exposure vulnerability in Google Android Activity Manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not properly terminate process groups, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 19285814. | 5.5 |